Configuring VPN

A dynamic connection is one that dynamically generates and negotiates the keys that secure your connection, while it is active, by using the Internet Key Exchange (IKE) protocol. Dynamic connections provide an extra level of security for the data that flows across it because the keys change, automatically, at regular intervals. Consequently, an attacker is less likely to capture a key, have time to break it, and use it to divert or capture the traffic the key protects.

A manual connection, however, does not provide support for IKE negotiations, and consequently, automatic key management. Further, both ends of the connection require you to configure several attributes that must match exactly. Manual connections use static keys that do not refresh or change while the connection is active. You must stop a manual connection to change its associated key. If you consider this a security risk, you might want to create a dynamic connection instead.